Apple Keyboard Firmware Hacked

Terry Olaes

Terry Olaes

I Used to be the [H] News Guy
Joined
Nov 27, 2006
Messages
4,646
Another “innovation” courtesy of DefCon is the ability to compromise the firmware of an Apple keyboard, which can give the hacker total access to the attached system. From keylogging to rootkits to total remote control, the sky's the limit for a system compromised by this hack.

To infect your keyboard, the attacker only needs to exploit one of the many weaknesses in Mac OS X and Apple applications. XOnce exploited, the attacker only needs to drop less than 100 KB of payload to infect the keyboard and the attack takes less than 18 seconds.
Click to expand...
 
I wonder if Logitech products have similar flaws. This is wild. I would have never considered the keyboard as an attack vector. Then again, I don't spend much time thinking about how I can break into things.
 
actually wireless keyboards have a very lousy encryption
 
I would like to see more of this hacking business done to apple systems, just so Apple and its fans can STFU about their systems being unhackable and finally realize that they need to fix it.
 
iGrooCk said:
I would like to see more of this hacking business done to apple systems, just so Apple and its fans can STFU about their systems being unhackable and finally realize that they need to fix it.
Click to expand...

+1


Gib
 
It's going to happen to Mac users sooner or later, the big one. Just a matter of time. Really, this type of attack is SCARY!!!
 
heatlesssun said:
It's going to happen to Mac users sooner or later, the big one. Just a matter of time. Really, this type of attack is SCARY!!!
Click to expand...

hasn't happened yet, so until it does, I still feel safe. and I'll feel safe even after it happens, because to do any major damage to an OS X system at this point the user needs to literally type in their admin password, and I'm not stupid. an image file doesn't need an admin password to open :p

as opposed to windows, where some MAJOR virus or exploit seems to happen yearly. :eek:
 
4b5eN+EE said:
as opposed to windows, where some MAJOR virus or exploit seems to happen yearly. :eek:
Click to expand...

Majority of which are new variants based on older unpatched flaws due to the number of people running pirate copies and not using automatic updates... or a corporate atmosphere where a service pack that needs to be installed must be signed in triplicate, have meetings that discusses the budget and then tested against existing software before being approved.

In short, there's a *lot* of unpatched/unmaintained Windows installations out there.
 
If the mac had anywhere near the market penetration of windows you'd have just as many nasty viruses and such as windows does. Apple's biggest protection is and always has been it's niche market and nothing to do with it being inherently more secure.
 
4b5eN+EE said:
hasn't happened yet, so until it does, I still feel safe. and I'll feel safe even after it happens, because to do any major damage to an OS X system at this point the user needs to literally type in their admin password, and I'm not stupid. an image file doesn't need an admin password to open :p

as opposed to windows, where some MAJOR virus or exploit seems to happen yearly. :eek:
Click to expand...

And I've felt perfectly safe using Windows Vista and now 7. And now that Microsoft FINALLY free, top notch a top notch AV product, I feel even safer.

The thing about OS X is what's GOING to stop an attack? The OS isn't any more secure than Windows 7, perhaps less so. The average Mac user things that security in OS X is automatic thinking that they CAN'T get hacked let alone not realizing that they can get attacked via a keyboard. This is a recipie for bad stuff to happen.

Sure Windows has taken its lumps but at the end of the day this may have in the end been the best thing for Windows in that Microsoft has to now take security more seriously than any software vendor on the market. They have no choice. OS X has never really been tested at the threat level that Windows. My guess is that is would fall apart in that OS X simply is as battlehardend. You can't design experience.
 
techrat said:
In short, there's a *lot* of unpatched/unmaintained Windows installations out there.
Click to expand...

If all Windows (XP/Vista/7) did just TWO things successful malware attacks would drop of like a rock.

1. Keep stuff patch
2. Practice the least privledged user principal, ie not running as admin all the time

A bit harder to do in XP, not at all in Vista/7 these days.
 
4b5eN+EE said:
hasn't happened yet, so until it does, I still feel safe. and I'll feel safe even after it happens, because to do any major damage to an OS X system at this point the user needs to literally type in their admin password, and I'm not stupid. an image file doesn't need an admin password to open :p

as opposed to windows, where some MAJOR virus or exploit seems to happen yearly. :eek:
Click to expand...

http://1.bp.blogspot.com/_5IWl-cAPUIs/RvQI7Pk-NII/AAAAAAAAAJU/UZVjY8kmhHw/s400/All+Is+Well.jpg
 
All seriousness:

heatlesssun said:
If all Windows (XP/Vista/7) did just TWO things successful malware attacks would drop of like a rock.

1. Keep stuff patch
2. Practice the least privledged user principal, ie not running as admin all the time

A bit harder to do in XP, not at all in Vista/7 these days.
Click to expand...

#2 is a primary reason why Vista and Windows 7 are so secure, they adopted the UNIX/OS X/Linux/BSD/etc etc security model of users not running as root all the time. When code can't self-execute because any program that wants to change the system requires elevation of rights from the user, boom, that right there wipes out viruses. All malware authors can do at that point is to try and trick users into clicking the UAC button or entering their password with a trojan.

So yeah, #2 is taken care of in Windows now. Windows XP has a fundamentally broken security model, and the moment XP usage is gone is the moment you see the vast majority of effective malware (and pretty much all viruses) go away.
 
I'll check back every hour or so to see when the real Mac v. Windows fight starts. Happens every time and usually the funniest thing I read all day.
 
heatlesssun said:
And I've felt perfectly safe using Windows Vista and now 7. And now that Microsoft FINALLY free, top notch a top notch AV product, I feel even safer.

The thing about OS X is what's GOING to stop an attack? The OS isn't any more secure than Windows 7, perhaps less so. The average Mac user things that security in OS X is automatic thinking that they CAN'T get hacked let alone not realizing that they can get attacked via a keyboard. This is a recipie for bad stuff to happen.

Sure Windows has taken its lumps but at the end of the day this may have in the end been the best thing for Windows in that Microsoft has to now take security more seriously than any software vendor on the market. They have no choice. OS X has never really been tested at the threat level that Windows. My guess is that is would fall apart in that OS X simply is as battlehardend. You can't design experience.
Click to expand...

OS X is built on unix, which is about as "battle hardened" as you can get, considering it runs a majority of the internet. :p

but I do agree with you, which is why I said I feel safe using it, not everyone should feel safe using it. I know what the fuck I'm doing. but at this point, fact is OS X HASN'T had any real major threat to it, so what I said is perfectly valid. Of course that doesn't mean it won't happen in the future, but when it does I'll be laughing right along with you at the ignorance among people who don't know what they're doing. :D

Kahoona said:
http://1.bp.blogspot.com/_5IWl-cAPUIs/RvQI7Pk-NII/AAAAAAAAAJU/UZVjY8kmhHw/s400/All+Is+Well.jpg
Click to expand...
ok? I stated 2 facts, I'm comfortable using the OS I use and that there are major attacks on windows a lot more often than OS X and I get an immature reply using an image which would indicate me complaining?
that sir, makes no sense on your part, and tells me you are quite immature for not being able to make a valid argument against me, instead resorting to an irrelevant image. :D
 
4b5eN+EE said:
OS X is built on unix, which is about as "battle hardened" as you can get, considering it runs a majority of the internet. :p
Click to expand...

Sure UNIX is big on servers, but UNIX on the desktop is NO WHERE near as "battle hardended" as Windows. Desktops and servers are very different creatures from a security aspect in many ways. Think of all the security issues that don't effect servers, things like Flash and other media players. A BIG issue with desktops that doesn't apply to the server world.
 
4b5eN+EE said:
ok? I stated 2 facts, I'm comfortable using the OS I use and that there are major attacks on windows a lot more often than OS X and I get an immature reply using an image which would indicate me complaining?
that sir, makes no sense on your part, and tells me you are quite immature for not being able to make a valid argument against me, instead resorting to an irrelevant image. :D
Click to expand...

Oh it's totally relevant, you just must've not seen Animal House.
 
very true heatless, which is why I said I agree with you, but make no mistake, the core OS is very secure.

and no, haven't seen animal house, so that went *whoosh*, right over my head.
Posted via [H] Mobile Device
 
This is nothing new, Logitech wireless keyboards have had numerous issues with being able to load keyloggers and malicious software onto the keyboard. What is important to note is that you need physical access to the keyboard, and in the case of OS X you also need the root password in order to change the firmware on the keyboard itself. That's a lot of security to go through in order to gain control of the keyboard.

Hell, you still need to get the log from the keyboard itself or the logger is pointless, so again physical access is required.

This isn't nearly as bad as this security issue that was discovered with Microsoft's Wireless Optical Desktop 1000/2000 keyboard: http://news.softpedia.com/news/The-Dark-Side-of-Hardware-Wireless-Keyboard-Keylogger-72887.shtml

That's a particularly nasty one, it doesn't even require physical access to the keyboard, keylogging can be done by simply intercepting the signal sent from the keyboard itself. Now, I don't think it is a big deal, you need to be 30 feet away in order to get the signal anyway, but as far as security breaches go its a relatively big one since it doesn't require any physical access or firmware modifications to the keyboard itself.
 
First time I ever heard of firmware for a keyboard. I can understand 'gaming' keyboards with a gazillion macro keys on it having firmware, but what's so special about Apple keyboards that require them to have firmware updatability?
 
SockMan! said:
First time I ever heard of firmware for a keyboard. I can understand 'gaming' keyboards with a gazillion macro keys on it having firmware, but what's so special about Apple keyboards that require them to have firmware updatability?
Click to expand...

Its not as over the top as something like a G15, but they still have more function keys then a normal keyboard, media controls, UI controls, hardware controls (brightness/volume), an eject button, things like that, most of which I believe work in Windows as well as OS X with the right software (I just have mine plugged into my PC with no software and don't use the extra crap). Seems like that's enough to require firmware, I dunno.
 
SockMan!
First time I ever heard of firmware for a keyboard. I can understand 'gaming' keyboards with a gazillion macro keys on it having firmware, but what's so special about Apple keyboards that require them to have firmware updatability?
Click to expand...

So they can make sure their proprietary keyboards can work with their other proprietary hardware, and proprietary software. Also so they don't have any unauthorized keyboards syncing with itunes :D
 
k3wf3w said:
So they can make sure their proprietary keyboards can work with their other proprietary hardware, and proprietary software. Also so they don't have any unauthorized keyboards syncing with itunes :D
Click to expand...

Proprietary keyboards? Its just a regular bluetooth keyboard, which can be used on any machine with bluetooth enabled, PC or mac. Troll more fool.
 
Chen said:
Apple had a tendency to rush hardware to market which has resulted in shipped keyboards with flaws that needed firmware updates. But because the keyboards are already more mature today; perhaps it wouldn’t be a bad idea for Apple to lock in the firmware.
Click to expand...

Common sense unfortunately doesn't prevail often.
 
USB or ADB? I've not bothered with USB keyboards yet but might someday. I just love the old ADB Keyboard/Mouse combo with the old macs. Have they gone bluetooth with the keyboards or are they just RF wireless?

Typing this from a Win2000 Machine atm:) it ran ME when I first bought it but that was junk switched to XP bootleg and messed it up with some reg edits and found 2000 somewhere the computer seems the happiest with 2000 anyhow.

ME and XP are the least best Windows. OS X is the best thing Apple came up with.
 
I dont really see how this turned into a OS X vs. Windows. I can understand why it would, but why would you. Its like flame bait....
 
Not to be an ass but welcome to last year. I has been known about for some time. IBM Model M ftw.
 
Serpico said:
This is nothing new, Logitech wireless keyboards have had numerous issues with being able to load keyloggers and malicious software onto the keyboard. What is important to note is that you need physical access to the keyboard, and in the case of OS X you also need the root password in order to change the firmware on the keyboard itself. That's a lot of security to go through in order to gain control of the keyboard.

Hell, you still need to get the log from the keyboard itself or the logger is pointless, so again physical access is required.

This isn't nearly as bad as this security issue that was discovered with Microsoft's Wireless Optical Desktop 1000/2000 keyboard: http://news.softpedia.com/news/The-Dark-Side-of-Hardware-Wireless-Keyboard-Keylogger-72887.shtml

That's a particularly nasty one, it doesn't even require physical access to the keyboard, keylogging can be done by simply intercepting the signal sent from the keyboard itself. Now, I don't think it is a big deal, you need to be 30 feet away in order to get the signal anyway, but as far as security breaches go its a relatively big one since it doesn't require any physical access or firmware modifications to the keyboard itself.
Click to expand...

Actually the article made it sound as if you did not need physical access to it at all. You would pass the firmware upgrade to somebody through a site. It would install itself to the keyboard, then it would create a open port on the computer for the attacker to gain access to the machine and get everything that way.
 
niconx said:
This is what happens when you give a keyboard a firmware.
Click to expand...

I think a keyboard software might do the trick too. My Logitech G15 uses software to run its profiles and features. I hope it's secured.
 
VA Supremacy said:
ME and XP are the least best Windows. OS X is the best thing Apple came up with.
Click to expand...

Wow, take an old OS that has been around nearly a decade and kick it in the nuts.

OSX is based on BSD, and their Aqua APIs and bastardized NexT parts are what are licensed.
 
TechBoy said:
I dont really see how this turned into a OS X vs. Windows. I can understand why it would, but why would you. Its like flame bait....
Click to expand...

Simple, it's in the fan-boi rule book for Applites. Whenever something obviously flawed comes out about an Apple product, you immediately drag their competitor into it as to draw attention away from the actual flaw. Even if the competitor has absolutely zero to do with the original flaw.

Kinda funny how it works, if this is found on a Windows system, the reaction is:

"Wow, Microsoft really dropped the ball on that one"

If it is found in an Apple system:

"Wow, Microsoft really dropped the ball on that one ..."

=)
 
4b5eN+EE said:
OS X is built on unix, which is about as "battle hardened" as you can get, considering it runs a majority of the internet. :p
Click to expand...
Servers and desktop OS are two different things.

I can lock a server down that does ONE function (serving up web pages) very well. It really doesn't matter what on earth the OS itself is... When it serves a singular function like that, you can lock anything down. If you locked Windows down the same way, it could run just as well and secure as *NIX. But at that point, if they both serve the same thing, why go Paid when you can get Free? THAT is why *NIX has such a big slice of the web/internet market.



Now to the hack being discussed... This problem is actually made worse on Macs. Apple puts the same hardware in every Mac (Alright, different generations might differ, but you get the point). Thus, a hacker could write one hack for all Macs.
In Windows, you don't have this problem... Because everyone is using a different brand of keyboard. Sure you could write a hack for a G15 keyboard, but your chances of success go way down. With Mac, you're guaranteed that it'll work on everyone's hardware. The question then just becomes who you can trick into running it.

Regardless, this is one VERY NASTY hack. You infect at the firmware/hardware level, and you have total control over everything short of them unplugging from the network.
 
Another reason why I don't like wireless peripherals.
 
You must log in or register to reply here.
Back
Top